[70203] in North American Network Operators' Group
RE: FW: Worms versus Bots
daemon@ATHENA.MIT.EDU (Michael.Dillon@radianz.com)
Wed May 5 05:16:52 2004
In-Reply-To: <6.1.0.6.2.20040504113458.04fe4380@mail.amaranth.net>
To: nanog@merit.edu
From: Michael.Dillon@radianz.com
Date: Wed, 5 May 2004 10:14:37 +0100
Errors-To: owner-nanog-outgoing@merit.edu
> (To deflect the inevitable "NAT is not a firewall" complaints, the box
is a
> stateful inspection firewall -- as all NAT boxes actually are).
Hmmm, are you saying that the solution to many so-called
Internet security vulnerabilities is for people to
use an SI Firewall, aka Simple, Inexpensive Firewall,
aka Stateful Inspection Firewall?
One wonders why the DSL/cable router manufacturers
haven't caught on to this idea before now.
If the goal is to actually change people's
behavior and get them to secure their own computers
then a name change like SI Firewall is actually an
important tool. There is a lot of bad press out there
for NAT and I wouldn't be surprised if a lot of the
amateur technicians of the world are advising their
clueless friends not to use it. But if ISPs would
promote the use of an SI Firewall (Simple, Inexpensive
Firewall) to their customers then perhaps we can get
more uptake and an overall improvement in security
without fussing around with frenzied patching sessions.
--Michael Dillon
